<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%@ page import = "javax.servlet.http.Cookie" %>
<%@page import="java.util.HashMap"%>
<%@page import="jdbc.JdbcDao"%>

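<%
	// Login / session bootstrap scriptlet.
	// Outputs, visible to the rest of the page:
	//   email_status - e-mail of the authenticated user, or null when nobody is logged in
	//   user_info    - result of JdbcDao.getAllPersonalInfo(email) for that user, or null
	// Two paths can authenticate the request:
	//   1. an "email" cookie whose stored "session" value equals the current session id;
	//   2. a login form post (login_email + login_password) that matches the stored password value.
	String email_status = null;
	HashMap<String, String> user_info = null;
	{
		String sid = request.getSession().getId();
		Cookie ck = null;
		String email = null;

		// getCookies() returns null (not an empty array) when the request carries no cookies,
		// so it must be checked before iterating. The last matching cookie wins.
		Cookie[] cookies = request.getCookies();
		if (cookies != null) {
			for (Cookie i : cookies) {
				if (i.getName().equals("email") && !i.getValue().isEmpty()) {
					ck = i;
				}
			}
		}

		JdbcDao mysql = new JdbcDao();

		if (ck != null) {
			// The cookie value is client-controlled: it is only trusted when the session id
			// stored for that e-mail equals the id of the current session.
			email = ck.getValue();
			String psid = mysql.getPersonalInfo(email, "session");
			// Check that the session is valid
			if (!(psid != null && psid.equals(sid))) {
				email = null;
			}
		}

		String login_email = request.getParameter("login_email");
		String login_password = request.getParameter("login_password");

		if (login_email != null && login_password != null) {
			// Only the e-mail is traced; the submitted password must never reach stdout or logs.
			System.out.println(login_email);
			// NOTE(review): "??????" appears to be a sentinel the form sends to request the
			// forgot-password flow - confirm; it also means this literal can never be a real password.
			if (login_password.equals("??????")) {
				System.out.println("forget password");
				%>
				<%@ include file = "./forgetPassword.jsp" %>
				<%
			} else {
				// presumably getPersonalInfo returns null for an unknown account (the session
				// check above already allows for null) - verify against JdbcDao
				String pp = mysql.getPersonalInfo(login_email, "password");

				// TODO: replace with a real password hash. String.hashCode() is a 32-bit,
				// unsalted, non-cryptographic value: collisions are easy to find and the stored
				// value gives no protection if the table leaks. Migrating to a salted, slow
				// password hash (bcrypt / scrypt / Argon2 / PBKDF2) requires re-hashing stored
				// values, so it cannot be done in this page alone.
				if (pp != null && pp.equals(String.valueOf(login_password.hashCode()))) {
					System.out.println("log ok");
					// Login succeeded: bind the account to this session and set the cookie.
					// NOTE(review): sid is the id of the session that existed before
					// authentication; issuing a fresh session id at login and storing that one
					// would stop a pre-login id from carrying over into the authenticated state.
					mysql.changeUserContent(login_email, "session", sid);
					ck = new Cookie("email", login_email);
					// NOTE(review): the cookie is sent without HttpOnly/Secure attributes;
					// set both if the container's Servlet API level and an HTTPS deployment allow it.
					// TODO: set domain
					// ck.setDomain("/");
					response.addCookie(ck);
					mysql.setLastlogin(login_email);
					email = login_email;
				}
			}
			// TODO: no hard code here
			// NOTE(review): the redirect is issued for every login post, including failed
			// logins and the forgot-password branch, and execution continues afterwards.
			// If the included forgetPassword.jsp has already committed output, sendRedirect
			// throws IllegalStateException - confirm the intended flow.
			response.sendRedirect("/Info/main/index.jsp");
		}

		if (email != null) {
			email_status = email;
			user_info = mysql.getAllPersonalInfo(email);
		}
	}
%>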